I’ve spent the last couple of days setting up OpenVPN, the open-source VPN software, and I’m very impressed.
My parents’ office is increasingly mobile, with my sister working from home with the baby, and Mum and Dad needing to access data while out at clients’ offices. Up to now they’ve coped with a laptop, copying files back and forth as necessary, but this isn’t great for backups or security. As most businesses have wireless broadband internet these days, a Virtual Private Network - connecting to the office network via the Internet - seemed like a good idea. The trouble was, VPNs scared me.
I’m not a total novice - I’ve had some experience setting up a proprietary Cisco system. I didn’t get into the real nitty-gritty of that setup, but I understood the basic concepts: the need for encryption and authentication etc. However, I also knew that things get very complicated very quickly. Encryption alone is a nightmare. I know from experience that these things are easy to grasp at a basic level, and there’s always plenty of information at the technical level, but bridging the two is difficult. Without a structured training course you run the risk of missing something important, or - and this was my primary worry - configuring something that works, but that you don’t really understand.
So I tentatively started exploring the options. If I needed to buy a bunch of books, so be it. And I quickly came across Hamachi.
Hamachi is VPNs for doofuses, like me. You install a client onto each computer, and these then register with a central server. When you want to connect to another machine on this virtual network, the central server mediates a secure connection, then leaves them to it. I didn’t understand the ins-and-outs of the security features, but it’s recommended by the ever-paranoid security expert Steve Gibson, so I figured it must be pretty good. Icing on the cake: it’s free.
I installed it. It was indeed remarkably easy to set up - I had to configure a couple of port-forwardings to get it fast enough, but when it worked, it worked very well. Other machines were accessible by their Hamachi name, so I could treat them as if they were on my network. Totally seamless. Great! But, the service was occasionally down. And if the central server isn’t working, there’s nothing you can do. Plus I had intermittent connectivity to certain computers - Hamachi would sometimes only establish a proxied connection, so data would have to flow through the Hamachi central server rather than directly (and you’re only allowed a certain bandwidth before they kick you off - unless you pay a subscription). If this were continuous I could have fixed it, but it only happened occasionally, and that’s just annoying. I also had problems with kicking machines off the network, as well as annoying bugs in the client generating demands to set a ‘master password’ every restart. So I started looking elsewhere.
And that’s when I first found mention of OpenVPN (again from Mr Gibson). It seemed to do exactly what I was after, but without the external infrastructure - the software handles the connection at both ends, so there’s no need for central servers. It’s also open-source, free and highly recommended. But this obviously comes at the price of extra complexity, and it would clearly be far from the easy ride of the Hamachi setup. Nevertheless, this seemed to be the best option, so yesterday morning I took a deep breath and dived in.
I needed an overview, and their home page links to OpenVPN and the SSL VPN Revolution - a white-paper on the concept of OpenVPN. Sounds terrible, right? Official documentation is usually extremely detailed and extremely useless for the beginner - I usually have to search for clarifying blog posts or forum questions, and piece it together from a thousand different sources. Not this time.
That document explains everything, and explains it clearly. Even amusingly (“There are many ways to exchange keys, some elegant and some barbaric”). From the basic problems a VPN needs to solve, to the various different attempts to solve said problems (and why some of them suck *cough* IPSec *cough*), to the most advanced and battle-hardened encryption methods and authentication standards, it covers everything. I was amazed.
I was particularly fascinated by public/private key encryption. I thought I understood it. Turned out, not so much. I’d love to be a mathematician in that field, as it’s very cool. Here’s how the aforementioned document describes it:
Certificates use Public Key Cryptography, meaning a host generates a public and private key pair that are mathematically related to one another. Any data encrypted with the public key can only be decrypted with the private key, and vice versa. Each end system has its own public/private key pair. The public key is given out to the world to encrypt traffic bound for the system, and the private key is kept secret to decrypt this traffic. The private key can also be used to prove that data was actually sent by a specific entity, which is called non-repudiation. If I encrypt something with my private key you can confirm it is really me by decrypting it with my public key.
As I said, I’ve been introduced to these concepts before, but the above was like a light bulb flicking on. I can’t recommend the white-paper enough as an all-round introduction to VPNs. I’ll probably need to read it again within a week, then refresh it occasionally, to keep the not-often-used concepts in my head, but that should be do-able.
Armed with this knowledge, I set about installing OpenVPN. I pretty much followed the HOWTO on the website. I set up the GUI, generated the various certificates, forwarded one UDP port at the server end, configured the text files and copied the right files to the right places. It took maybe 40 minutes to get everything ready, so I clicked ‘connect’. Didn’t work. Obviously - nothing does first time. A quick glance at the logs and…I hadn’t put a file path in quotation marks. This fixed, I hit connect again and…it connected.
I was logged in to my parents’ network over an uber-secure connection, and could ping the server. Just like that. A config line, a static route and an XP registry tweak later, I could ping any machine on their network. Another generated key and I had an extra authentication layer. A tweak to the certificates and the initial connection startup was passworded, just so anyone messing about with the laptop can’t play havoc by accident. No hassle, no stupid bugs, no stress. That’s pretty rare. So the technical side was set up exactly how I wanted it, which was lovely, but I needed more. It needed to be used by non-geeks, so required prettification.
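A minimal server/client pair of OpenVPN configuration files covering the pieces mentioned above (quoted Windows paths, one UDP port, a pushed route to the office LAN, the extra `tls-auth` key and a passphrase-protected client key). This is an added example, not the author's actual configuration: the hostname, subnets, file names and paths are constructed placeholders, and the explicit `cipher` line is an addition because the Blowfish default of that era is deprecated in current OpenVPN releases.

```conf
##### server.ovpn (office machine; constructed example) #####
# The single UDP port that has to be forwarded on the office router.
port 1194
proto udp
dev tun

# Windows paths must be wrapped in double quotes with every backslash
# doubled. An unquoted path containing a space is split into two
# arguments and the connection fails at startup.
ca   "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\server.crt"
# Private key: never leaves this machine.
key  "C:\\Program Files\\OpenVPN\\config\\server.key"
dh   "C:\\Program Files\\OpenVPN\\config\\dh2048.pem"

# Address pool handed out to VPN clients (placeholder subnet).
server 10.8.0.0 255.255.255.0

# Tell clients that the office LAN (placeholder subnet) is reachable
# through the tunnel. The LAN's gateway also needs a return route for
# 10.8.0.0/24 pointing at this machine, otherwise replies never come back.
push "route 192.168.1.0 255.255.255.0"

# Extra authentication layer: a shared static key used to HMAC-sign
# every TLS handshake packet. Packets without a valid signature are
# dropped before any certificate processing. Direction 0 on the server.
tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key" 0

# Added hardening: replace the old 64-bit-block Blowfish default.
# The same cipher must be set on both ends.
cipher AES-256-CBC

keepalive 10 120
persist-key
persist-tun
verb 3


##### client.ovpn (laptop; constructed example) #####
client
dev tun
proto udp
# Placeholder hostname for the office's public address.
remote vpn.example.org 1194
resolv-retry infinite
nobind

ca   "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\laptop.crt"
# If this key was generated with a passphrase, OpenVPN prompts for it
# on every connect, so a lost laptop does not give tunnel access by itself.
key  "C:\\Program Files\\OpenVPN\\config\\laptop.key"

# Same static key as the server, direction 1 on the client.
tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key" 1

# Refuse to connect to a peer presenting a client certificate, so one
# laptop's certificate cannot be used to impersonate the server.
remote-cert-tls server

cipher AES-256-CBC
persist-key
persist-tun
verb 3
```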
OpenVPN GUI let me create a desktop shortcut, and via registry tweaks I turned on the silent connection options, which hide the ugly console windows and encryption info. There’s also the option to run a batch file on connect/disconnect - I set these to map/delete network drives. Sorted.
So on their laptop my parents can click a shortcut, enter a password, and a few seconds later they have an E: containing all of their documents, as if they were at home. On any wifi connection. This is exactly what I wanted, and it’s brilliant that it worked so well, but more important is that I understand what’s happening this time. It’s not magical Hamachi superpowers, it’s blowfish encryption and certificate-based authentication over an SSL connection. And writing that didn’t scare me at all.
This somehow got very long. But in conclusion: I haven’t tested OpenVPN extensively yet, but initial impressions are great. So far it’s been easy to understand, rock-solid stable and everything I could ask for. And the white-paper = as good. Recommended.
General notes:
The only worry I had was that Windows File Sharing might need to know the names of individual computers, which wouldn’t work over the VPN. I thought I might have to set up a WINS or samba server to control computer names, and a bit of googling suggested there are no WINS servers for XP, and installing samba would always require linux - a whole other skillset. But I was wrong - Windows File Sharing is happy to work via IP, so I just used that.
Today I set it up on my sister’s Vista laptop. This presented its own challenges that I shan’t bore you with. I will just say that a) the promised client installers will be a great help - deploying the current setup to many computers would require jumping through a few hoops atm - and b) transferring executable files over the Internet is increasingly nightmarish: the combination of Gmail, Live Messenger and Vista paranoia drove me doolally. If you want to set up a machine, it’s easiest to drive over with a usb stick.
FYI, the current state of remote control software for Vista is appalling. Vista Home doesn’t support Remote Desktop; TightVNC doesn’t support Vista; UltraVNC does, but its site and setup procedure are currently such a mess that talking a novice through it on the phone would be formidable. But the built-in Remote Assistance, of all things, saved the day. XP’s version was a bit rubbish, but Vista’s implementation actually understands NAT and routers, and Just Worked. I was actually pretty impressed, as it can even handle UAC prompts. Worth a look.
Adobe released a beta of Lightroom 2.0 this morning, which was quite the surprise. The feature list is impressive, but most interesting are:
There’s a fair bit more: export sharpening, better filters, a loupe in the details panel, and the interface has been overhauled and some of the existing features tweaked. A full guide is here.
Scott Kelby etc. have some introductory videos up, and their FAQ has some interesting details. They reckon the full version will be released June-ish, and there won’t be any beta updates between now and then. No word on pricing yet.
I’ve been playing around with it today and they’ve certainly been listening to the feedback. Lots of things work just that bit better, but it’s the Photoshop links that are the most useful for me. There are a couple of bugs, as is to be expected with betas, but nothing show-stopping yet. The program was pretty good already, but v2 adds enough that I can’t see me not buying the upgrade.
Because I own version 1.3 I can invite people to be on the beta program for six months - otherwise you’re limited to a 30-day trial - so let me know if you’d like an invite.
My computer had never worked properly since I put it together in late 2005. I got random static bursts, and most USB devices would crash the system if left plugged in. I replaced the motherboard in desperation six months later, but it didn’t help much - the same problems came back. Research suggested the CPU and motherboard (both of them!) conflicted in some bizarre way, but no solutions were forthcoming, and I eventually gave up removing this or that piece of hardware every few weeks to see whether it made a difference. I didn’t have the money to replace both, so I lived with it. This happens sometimes with technology - it just never works right, and you end up having to buy something new. I got used to working around the problems for a couple of years, but a confluence of problems last month finally did me in. Before February it would have been a luxury, but it crossed into the sensible-decision bracket, so I didn’t have to feel guilty. I was going to need more RAM and a new hard drive anyway, so I finally gave in and ordered a totally new system, this time based around Intel rather than AMD.
I’d decided early on that my priority would be processing and editing photos. I’m not bothered about playing games - I’d like to be, but nothing other than guitar hero has grabbed my attention for ages now - so I concentrated on RAM and CPU power at the expense of graphics. My friend Ben helped me choose the most appropriate equipment, and we ended up with a Q6600 quad-core processor with 4gb of RAM, plus a larger HD. It all arrived yesterday morning and I put it together in the afternoon.
The hardware setup took a few hours, after which it worked first time, which is a rarity! I then spent as long trying to talk the XP install into understanding the SATA drivers, and my twitter followers will know how frustrating that became - sorry! After that, though, everything was smooth as Captain Jack. XP is now all installed and I’m nearly done getting it all configured.
Lightroom and Photoshop are mind-bogglingly faster. Adobe products are one of the few that can take full advantage of four processors, and the extra RAM means much less hard-drive thrashing. I can switch between the two programs without having to shut down everything else, and this morning I was happily editing in both programs with Firefox and iTunes running in the background. This is exactly what I wanted - editing photos should be much less frustrating now, and for the next few years of my uni course.
A couple of weird little problems have solved themselves, too. I was having issues with a) my mouse double-clicking when it should be single-clicking, and b) my router dropping packets so random bits of websites would fail. Both have Just Gone Away.
I’ve also seen a significant speed boost in Google Docs, of all things - I guess it relies heavily on local javascript processing.
I tried not to get too wound up over the old problems - there are worse things in life than the odd crash, or having to remember to unplug a card reader - but *tempts fate* it’s really very nice to have a stable system. Totally worth it.
I’ve a digital photography module this term - YAY - and it’s going to involve some fairly intensive training in Photoshop CS2. I know my way around photo editing programs generally, but I’m sure there are plenty of gaps and I’m looking forward to having a professional around to show me what I’m doing wrong. The university has suites of Macs and high-end printers, but as they’re two hours away I think it’s sensible to get hold of Photoshop at home.
The student version of CS3 is £140, and while waiting to afford that I figured I’d download the 30-day trial. I picked up an enormous tutorial book from the library so I could have a play around, and promptly discovered that I already installed the trial last year. My 30 days are up, so I can’t get in.
I know I can get around this by reinstalling Windows; there must therefore be something somewhere I can delete to reset the 30 days. Obviously Adobe make this difficult so people can’t use the program indefinitely, which is fair enough. I could use a keygen and (illegally) unlock the trial to the full version but I have too much respect for my computer to start messing around with warez stuff. And I don’t want to feel like I’m ripping anybody off. 30 days is more than reasonable…I just need them again.
Not a big worry, in the grand scheme of things. Little frustrating, though. I’ll try to install it on my parents’ laptop instead. I can only steal that a couple of times a week, but it’s more powerful than my home computer anyway…
The Arecibo telescope in Arizona watches the sky for extra-terrestrial broadcasts. It’s the largest telescope in the world, and has recently been upgraded to generate more than 500 times the previous amount of daily data. SETI now needs to sift through a daily 300gb, and they therefore need more users to install their software, which analyses batches of data whenever your computer isn’t doing anything else. This is a million miles from UFOs and all that nonsense - it’s actually incredibly likely that civilisations exist elsewhere in the universe, it’s just detecting them that’s difficult - so if your computer is wasting time doing nothing, why not head on over and give them a hand?
Anybody have experience with mindmapping apps / websites? I’ve always found mindmaps useful and am thinking I should be using them for essay planning / research. There are a huge number of possibilities listed on wikipedia…I like the idea of an online solution so I can quickly access it anywhere, and am currently looking at comapping.com and mindmeister.com. The former is nice and quick, if a little visually dull - sure, left->right might be easier to understand, but it’s not as exciting. The latter isn’t based around flash, hooks into twitter/skype, and generally feels and looks more web2.0-y (not that this means anything). I’ll give them both a try over the next few days - anything I should particularly be looking at? I’m really after the one that’s destined to be bought by Google…
Yesterday’s IE7 problem came back this morning, after Vista apparently reset ‘protected mode’ overnight (I hate this - why didn’t it do so in three restarts yesterday?). I’ve turned off UAC for now, but I’d like to find the exact cause. Is silly. Might have to resort to asking in newsgroups.
The only detail I had before arriving was ‘Internet Explorer won’t start up’. And so it proved. Double-clicking the icon produced a helpful Vista error message with no further details, and event viewer had the same info. The first port of call with IE problems is to disable third-party add-ons, and there’s a helpful “run without add-ons” shortcut hidden in the start menu. This crashed too. Hmph.
I reset the entire configuration from the ‘advanced’ tab of Internet Options and this fixed the problem. Once. After closing the browser it wouldn’t open again. On the basis that maybe the add-ons shortcut was lying, I tried disabling all non-MS add-ons. Nothing. Something was obviously getting its hooks into IE after the initial load, but I couldn’t find anything.
Much resetting later I found a fix: turn off ‘protected mode’. This was far from ideal, and not really addressing the issue. Vista’s IE7 ‘protected mode’ is designed to prevent IE from altering things it shouldn’t, and is a useful setting to enable on any machine which kids can access. Quick googling suggested something must be trying to access a protected area on startup, killing IE in the process. I considered disabling the many MS ‘add-ons that run without requiring permission’, but they all looked necessary for IE to function at all.
I found another solution: disabling UAC. I haven’t used Vista much and UAC is already annoying the crap out of me, what with blanking out the screen for no apparent reason, supplying messages that I barely understand, let alone the average user, and generally whining about every other mouse click. I’d certainly disable it on my own PC, but I was reluctant to do so on someone else’s. Eventually I realised it only worked because turning off UAC automatically disables protected mode, so wasn’t helpful.
The machine is a couple of weeks old, and was working fine until yesterday, when Office 2007 and Norton 360 were installed. I suspect Norton, but then I’d probably suspect Norton if they’d only passed it on the shelf, such is my dislike of that program. I tried removing it, including running Symantec’s stand-alone uninstaller, but it made no difference.
I cleared out folders, ran the system file checker, scanned for spyware. Nothing helped. On XP I’d have reinstalled IE7, but there’s no way to do that on Vista short of reinstalling the entire OS. In the end I left it with protected mode disabled, but it’s niggling me. Even with the main shortcut working ‘no add-on’ mode still crashed, so it’s clearly still messed up under the surface. Annoying. Can anyone think of anything I missed, or a debugging technique I could have tried?
Microsoft Office Ultimate 2007 retails at £600. It’s now available, for students, at £40, or £12 for a year. As of Wednesday, I’ll be an official student. I’m trying to decide whether I need it.
I’m mainly after Word and Excel - the other programs look interesting, but I don’t see any need for them. Right now, Google Apps handles most of my document/spreadsheet needs, and anything more complex is farmed out to OpenOffice. I really like GA’s online model, so I’d be using Word/Excel for anything difficult or where WYSIWYG is important. This is actually quite rare, but I guess uni may change that.
I have plenty of issues with OO Writer - formatting bugs seem to crop up all the time - but I can usually iron out the problems and end up with something decent. My subjective impression is that Word/Excel are less buggy, but it’s not a big issue for me. I think there’s a general quality difference, though. Word and Excel are much smoother and more pleasant to use, in my experience, but, again, I’m not worried about that.
I don’t think there’s much difference in features. OO seems to be capable of all the complexity I’ll ever need, if I take the time to investigate it properly. Compatibility issues could conceivably crop up, but OO has done a great job of saving in whatever format I need so far. And the new XML file formats should help with that. Eventually.
Finally, there’s the technical support side - it helps to know Office when helping people over the phone, and given the major UI changes in Office 2007 it’d be useful to get some experience. I don’t get many questions about Office, though.
The biggest reason against is that the student license prohibits commercial use, whereas I can use OO professionally. I’m aware that nobody’s going to check, but I’d still feel bad - Office may be extortionately priced, but the decent response is to use something else rather than steal it.
I fully expected to snap up this offer, but I can’t currently think of any reasons to, other than curiosity about the new UI. The scheme is apparently around until next March, so I’ve time to change my mind. I’m much more excited about Photoshop CS3 student edition. The GIMP is pretty good, especially the new beta, but I recently installed the CS3 30-day trial and it’s undeniably superior.
The below video demonstrates a method of resizing images that leaves the important areas intact. The software analyses an image for the least important curved lines of pixels, based on a gradient magnitude, then adds or removes them as necessary. This results in apparently seamless (at youtube resolution, anyway) real-time contraction or expansion of the image area. Easier to see than to explain:
I’m sure they’re using images that suit the process, but it’s impressive nevertheless. They’re surely talking to Adobe about licensing…Found via Waxy.
Skype had a major outage at the weekend. Their explanation is:
On Thursday, 16th August 2007, the Skype peer-to-peer network became unstable and suffered a critical disruption. The disruption was triggered by a massive restart of our users’ computers across the globe within a very short timeframe as they re-booted after receiving a routine set of patches through Windows Update.
I’ve no real reason to doubt their statement, except to wonder that, given their fifty million users, don’t a significant percentage shut down their computers overnight? Windows Updates don’t arrive instantly, either - mine take up to 48hrs to filter through…just thinking out loud.
Despite possible skepticism, I think people wondering ‘if Skype was planning to refund them for all the calls they had to re-direct to other, usually more expensive, phone numbers during the period of disruption’ should get a grip. Firstly, Skype charges per call. If you can’t call, you can’t get charged. But maybe they’re talking about Skype’s incoming phone numbers, which do cost. Maybe the problem is with incoming callers having to use a more expensive number? Is there any phone company in the world who would even attempt such an open-to-abuse “refund”? I’m sure Skype are well covered by service agreements anyway. I can think of hypothetically costly examples, but doubt they actually happened. I can see how someone might be aggrieved at losing the ability to conference call, or something, but the extra pennies involved? Really?
While working at PC World I once had somebody ask whether we were going to pay for the petrol incurred in his coming back to swap a box of floppy disks. Sometimes the world screws you out of pocket change; that’s just how it is.
I’ve been doing some freelance photoshopping work this week. Just your basic stuff - extracting objects from their backgrounds - but I always enjoy image editing and it’s been a good refresher course in various techniques. I learnt Photoshop years ago using a dodgy copy, but as I don’t use pirated software any more I’ve been trying The GIMP.
The GIMP is an open-source, freeware image-editing program that, while not as powerful as the newer versions of Photoshop, supports reasonably advanced features such as paths, channels etc. It’s powerful, but the learning curve is steep. A major roadblock is the interface: designed for Linux and ported to Windows, every panel is a separate window, and it’s confusing as hell at first glance. A project called GIMPShop attempts to adapt the GIMP into the Photoshop interface, but it’s only partially successful and tends to lag behind the latest GIMP releases, so I prefer to stick with the ‘official’ release. The lack of native Windows integration means the dialogs and controls are unfamiliar, all of which takes time to pick up. But I’ve been meaning to learn The GIMP properly for ages, and this was a great opportunity to finally get to grips with it.
I generally find open-source software to be extremely impressive, but full of small bugs. The GIMP (on Windows) is the same. There are no show-stoppers, just things you have to work around. Tools such as the eraser would occasionally just stop working, and a reset of the ‘tool options’ would fix the problem, despite apparently not changing anything (I am aware that my understanding of the software is limited, though, and I could just be missing something). There were a couple of problems with the window system not re-drawing properly on zooms, or after switching to other programs, but, again, nothing that didn’t have a workaround, even if it was just restarting the program. I suspect these were to do with the linux windows-system port rather than the GIMP itself. Whether there are more or fewer bugs than commercial software I don’t know - my instinct says commercial software like Photoshop just has the edge, bug-wise - but at least open-source software can be patched daily, or a skilled programmer could even do it themselves.
Other than the tool-reset issue, image-editing was a breeze. I was processing a few hundred images, and was able to set keyboard shortcuts I could whip through with my left hand, keeping my right on the mouse at all times. This sped things up tremendously. The GIMP saved into native .psd format without issue (I downloaded the 30-day demo of Photoshop CS3 just to check). The image selection tools were effective, consistent and fast; paths as wonderful / irritating to configure as ever. It didn’t blink at importing twenty 2mb layers in one go, nor resizing all of them simultaneously.
The million-windows problem, by the way, is the first use I’ve found for Microsoft’s multiple desktop powertoy - switching between a GIMP and regular desktop was very convenient.
The best discovery came late in the process, when a startup tip informed me of the eraser’s un-delete function. Press Alt with the eraser and it’ll put back anything you erased, no matter when you erased it. So if you realise at the end of an edit that your first magic-wand selection accidentally removed more of the object than intended, you can put it back without having to go through 25 undo-levels and repeat all your work. Photoshop probably does this too, but it’s a feature I hadn’t seen before and was really, really helpful.
Broadly, I was impressed. There was nothing in my Photoshop skillset The GIMP couldn’t replicate, and I didn’t have any more problems than the average with any new program. When you consider the hundreds of pounds even older versions of Photoshop still cost, that’s remarkable. I’ll have to investigate the many online tutorials, as I’m sure there’s plenty left to learn.
I love Google Docs. It’s become my regular word processor / spreadsheet package, and the sharing features are incredibly useful. I used it to write my 50,000 word NaNoWriMo novel last year and it didn’t break a sweat. On the rare occasion I need proper WYSIWYG or more advanced calculations I’ll use OpenOffice, but Google Docs is the future for casual work. I’ve been extolling its virtues to Abi, and for the last couple of weeks she’s been building a spreadsheet. Yesterday it abruptly stopped working, and I couldn’t figure out why.
‘Trying to reach google.co.uk…’ flashed red in the top left after the spreadsheet opened, but it never connected. Her internet connection was working fine otherwise. The culprit turned out to be Norton Internet Security. I could find no exception lists for websites, so the only solution has been to disable it entirely (NAV still runs, and her router has a firewall anyway, so it’s no big loss). I’ve no idea why it suddenly started happening - maybe something from LiveUpdate? Or it detects the every-few-second-saves as some kind of attack, and blocks the IP? Whatever, I thought I’d put it here for Googlers with similar problems.
My 30-day trial of Adobe Lightroom just ended, and I was looking at pricing for the full version. I can’t afford it, sadly, but was interested to note that buying a direct download is a whole 74p cheaper than having the boxed product shipped to you. Wow. I just picked up a new memory card that came with a license for Capture One LE. It’s no Lightroom, but seems pretty good at handling RAW files and should be effective in combination with Picasa.
Anybody with Windows Automatic Updates enabled should get a nagging message in the next 24hrs. It’s worth installing the new security patch asap, as the problem with animated cursors, of all things, is actively being exploited. It’s highly unlikely you’ll come across an infected website, but it can’t hurt to be safe. If you don’t have WAU enabled (and if not, why not?) you should head over to Windows Update and pick up the patch. Don’t be tempted by the ‘Microsoft Update’ option, though - it’s still evil.